What is a digital signature and how does it work?

As we saw in the previous FAQ public-private keys are used to pass sensitive
information however it can also be used to provide authentication that a sender
is who they say they are. It does not protect the contents of the message, it
only proves it is from who it says its from.

It provides authentication and integrity but does not provide
confidentiality, data is sent as normal but acts like a normal signature we use
on a letter.

A digital signature works by creating a message digest which ranges from
between a 128-bit and a 256-bit number which is generated by running the entire
message through a hash algorithm. This generated number is then encrypted with
the senders private key and added to the end of the message.

When the recipient receives the message they run the message through the same
hash algorithm and generate the message digest number. They then decrypt the
signature using the senders public key and providing the two numbers match they
know the message is from who it says its from AND that is has not been modified.